Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

suraj.sun writes "An iPhone-owner whose daughter downloaded $200 worth of 'Zombie Toxin' and 'Gems' through in-app purchases on his iPhone has been allowed to pursue a class action suit against Apple for compensation of up to $5m. Garen Meguerian of Pennsylvania launched the class-action case against Apple in April 2011 after he discovered that his nine-year-old daughter had been draining his credit card account through in-app purchases on 'free' games including Zombie Cafe and Treasure Story. This month, Judge Edward J Davila in San Jose District Federal Court has allowed the case to go to trial, rejecting Apple's claim that the case should be dismissed. Meguerian claimed that Apple was unfairly targeting children by allowing games geared at kids to push them to make purchases. He describes games that are free to play but require purchases of virtual goods to progress as 'bait apps' and says they should not be aimed at children."

You do have to enter a password but it does cache it for a short time. So in theory a parent making a purchase and handing an iOS device to a child could enable the child to make purchases at will for a short time.

iOS does give the parent the ability to set up the phone/ipad/ipod to require password every single transaction without wait window. It also provides a way for you to entirely disable the ability to consume In-App Purchases, so you can rest assured the kid is not asking you for the password for anything but the initial app.

Prior to the iOS 4.3 update in March 2011, there was a 15-minute grace period after you entered your password where you didn't have to enter it again. Following some complaints that were similar to this plaintiff's, Apple changed it so that there was an option to make passwords mandatory every time, rather than having a grace period. And if you did choose to keep the grace period enabled, they made it so that your first in-app purchase in that grace period would require you to re-enter the password.

Effectively, this closed the "hole" that the plaintiff's daughter used (well, to be fair, Apple can't fix bad parenting), wherein the parent downloaded an app, entered their password, and the child managed to ring up $200 worth of in-app purchases in 15 minutes or less. The plaintiff here filed suit in April 2011, shortly after the issue came to light in the press and after it had already been fixed by Apple.

How is this different to some guy suing Mastercard because his kid ran up a giant bill during a spending spree if you have authorised him to make purchases on your account with no limit?

Because, in this case, it appears he didn't authorize his kid to make such purchases with no limit. As such use was not authorized, it may constitute fraud, and the plaintiff could argue that there are local laws which apply in dealing with the fraud. The fact that Apple has already changed the way authorization is done [slashdot.org] indicates the plaintiffs may have a case for historical purchases. Also, there are consumer protection laws in many places that expressly prohibit marketing premium rate phone services to children. If California has such laws, and if the plantiffs can convince the court that said laws apply to in-app purchases and that the in-app product was marketed to children, then they have a case.

Many people are going to think that this is black and white, and say that this is solely the parents responsibility, but that is not what the law says. If you trick a parent into extending their credit liability to a child, and then convince the child to transfer ownership of, say, the value of the family house, clearly this is not going to be legal. It is not black and white, you can not use the actions of a minor to unreasonably deprive an adult of their property, even if you have a contract that says you can.

Apple released iOS 3.0 on June 17, 2009 [wikipedia.org]. iOS 3.1 (with had the in-app purchase restrictions) debuted on September 9, 2009 [wikipedia.org]. So, we're talking about THREE MONTHS, TOPS that Parents ONLY had the ability to hide their iOS Password from their kids.
Hell, Apple even allows a less-draconian option called "iTunes Allowance" [apple.com], which allows you, THE PARENT, to teach fiscal responsibility by allowing LIMITED iTunes purchases (there are also "content" restrictions to control this further).

Honestly, I really don't see how Apple could have been more responsible. They identified that perhaps some additional controls would be a good thing (over and above a Parent simply NOT GIVING THEIR PASSWORD OUT), and had a solution in PARENT'S hands in under three months. I think that is pretty damned good!